In recent years, various services related to money such as electronic money have become widespread along with improvement of functionality of a mobile information terminal. Further, more information related to personal privacy such as address books, mails, pictures, and website browse history has become to be recorded in a mobile information terminal along with the improvement of functionality of the mobile information terminal. In related art, security for information which is handled in a mobile information terminal has been ensured by user authentication (referred to below as log-in authentication) at the start of the use of the mobile information terminal. However, whether or not the user is kept to be an authentic user is not continuously monitored after the user authentication is performed at the start of the use in the log-in authentication. Therefore, when the mobile information terminal goes to another person for some reasons after log-in authentication, the person who has obtained the mobile information terminal can operate the mobile information terminal without newly performing log-in authentication. Such vulnerability in security of log-in authentication has been a problem in related art. To this problem, Patent Literature 1 has disclosed a portable information terminal that acquires grip positions on the portable information terminal which is gripped by a user in user authentication, by a plurality of pressure sensors and invalidates data inputted by a user required for reception of service provision, when a certain level or higher level of change occurs on the positions which are gripped by the user after the user authentication, so as to cancel the effect of the user authentication which has been already performed. Therefore, even if user authentication is performed and the portable information terminal is stolen in the middle of input of data required for reception of service provision, for example, the user authentication and the data which is inputted by the user are invalidated at the point the terminal goes out of the user's hands. Thus, user authentication is required again to receive provision of services after user authentication is invalidated, achieving to effectively prevent abuse by a third person.